Mobile Security

How to detect and remove a virus from your Android phone

Jas Dhaliwal, 19 September 2018

Android malware comes in all shapes and sizes; here’s how you can defend your smartphone against it.

Previously in Part 1 of The Avast Guide to Android Apps, we covered all the common malware and how to deal with it. In part 2 of our ongoing series, we take a closer look at the murky world of Android viruses, how they can infect your smartphone, and what you can do to amp up its immunity against them. Let’s dive in.

The first mobile virus

For the longest time, the mobile virus was considered somewhat of a myth. However, that was put to rest after a Czech Republic and Slovakian group called 29a created a virus called Cabir and sent it as a proof of concept to several professional cybersecurity labs. When installed, the virus, a network worm, would infect Symbian and Series 60 OS through an active Bluetooth connection and display the word “Cabir” on the infected phone’s screen. Being simply a proof of concept, it didn’t cause any damage though.

Unfortunately, more dangerous iterations have since surfaced. Some of the popular instances include:

  • SymOS/Kiazha.A — a ransomware Trojan that targeted Symbian OS and deleted incoming and outgoing SMS messages.
  • CommWarrior — another threat that resets the phone on the 14th of every month. Skull imagery installs as a theme package, but the file goes on to disable programs and applications. It also turns all the icons on the phone into Jolly Roger or jigsaw images.

Many such threats have emerged since smartphones have become popular, and many more continue to surface every day. Since cybercriminals are constantly coming up with new ways to trick users into installing their malware, your best bet is understanding how these threats operate. Below is a quick rundown of Android malware.

Types of mobile viruses

As mobile phones have become so integral to our lives, they have unfortunately also become that much more of a lucrative target for cybercriminals. This makes sense considering most of us store important information such as banking details and sensitive account info on our phones. Android viruses come in many flavors, each with its own quirks and entry vectors designed around a certain vulnerability. The following are the most common…

  • Spyware — This type of malware is designed to stealthily pick up information from your phone, and transmit it back to the C&C (command and control server). Spyware comes disguised as legit applications, which is how the cybercriminal tries to fool the user into installing them. Once installed, they start recording information including SMS/text messages, URLs being browsed, application activity, keys being pressed, usernames, and passwords.

  • Ransomware — This malicious program encrypts and locks up your important files, then offers to release them only if you pay a ransom. Spoiler alert: They almost never release the files. But given that so many users have very important data on their smartphones, the impulse to give in and pay is strong. (But don’t do it!)
    unlock-android-phone

  • Worms — These are the deadliest type of Android phone viruses. Designed to endlessly reproduce themselves, worms don’t need any user interaction in order to execute. They generally arrive via SMS, MMS, or other digital media.

  • Trojans — These piggyback on legit applications and infect your phone once it has been installed. Unlike worms, trojans need a user to install them before they can carry out their actions. Once activated, trojans can deactivate certain applications or lock-up your phone for a certain period of time.

Android Vs iPhone infections

Much like the Windows vs iOS debate, the two popular mobile operating systems respond to different types of malware, each targeting a specific vulnerability. Unfortunately, Android users are at a greater risk of contracting malware infections because there are multiple marketplaces on the web apart from the Google Play Store that distribute Android apps. Some are secured sites, others are not.

iOS apps, on the other hand, can only be downloaded from the official Apple App Store which uses some of the most robust security measures in existence. Apps on iOS are also sandboxed, meaning they cannot interact with other applications or with the OS past a certain point. That being said, iOS and Android users are susceptible to phishing attacks through email or even through SMS messages.

Apps in Android are sandboxed, too, but to a lesser extent. Android may be the world’s most popular mobile phone operating system, but it struggles with updating all of its users to the latest secure version of its operating system. A problem that Apple has long since solved. Using an antivirus solution like Avast Mobile Security will go a long way toward ensuring your devices are never compromised.

How can you tell if your phone has a virus

Knowing whether your phone has been infected can get tricky, but certain Android virus symptoms stick out like a sore thumb. Here’s what you should look out for…

  • Apps that crash...a lot — Some apps tend to crash from time to time. However, if you find multiple apps crashing far too frequently, you might be dealing with an Android phone virus.

  • Increased data usage for no apparent reason — Finding your data limit has dropped far more than expected after bingeing on a GOT season is understandable. But what if the same happened after your phone has been just sitting in your pocket the whole day? Might be time for a checkup.

  • Ads keep popping up — Those annoying ads can be blocked easily with browsers like Opera. But if they start popping up when there are no apps running, then the ugly truth may be that you have an adware infection.

  • Battery drains in no time at all — Since most mobile viruses are not optimized, they tend to drain your battery faster than most other apps.

  • Your phone bill is through the roof — Similar to high data usage, a sudden, unexplainable increase on your phone bill is a perfect Android virus warning.

  • Unfamiliar apps — Many of us do not usually bother running a check to see if that cool new app is legit or not. Such an oversight can prove costly as you might inadvertently give a fake app the keys to your phone kingdom.

  • Phone starts overheating — While there may be various reasons why your phone is overheating, malware is often one of the chief culprits.

Looking out for mobile viruses

To make sure none of the above ever happens to you, it’s crucial that you know how mobile malware makes its way into your phone. There are four venues it can use…

  • Infected applications — The most common MO of hackers, popular applications are repackaged with the malware and then distributed through app stores. Oftentimes, cyber-criminals will come up with completely new applications designed specially to trick users into installing them.

  • MalvertisementsMalvertising is the practice of inserting viruses in ads that are distributed through ad networks. Simply clicking on an ad can trigger a virus download, infecting the device.

  • Scams — Users are sent links to infected web pages that contain malicious code. Simply visiting the page can start a virus downloading to the phone (unless it is protected by an antivirus software).

  • Direct-to-device downloads — The least likely type, direct-to-device infections require the hacker to attach a targeted device to another, and manually install the malware to it. This is the stuff of much high-profile corporate espionage.

How to remove a virus from Android phones

So, your worst fears have been confirmed, and all signs point to a virus infection. Your phone isn’t doomed just yet! Here are some methods that will help you rid it of that pesky pest in no time.

Run a trusted Antivirus Scan

Hop on to Google Play and download an antivirus application. But do your homework first. Keep in mind that antivirus apps are a dime a dozen, and there might be virus-ridden malware applications hiding inside them. Only install apps from reputed developers, and if you ever have even an inkling of a doubt the app might be a fake, Google to see if it is.

Also look at third-party labs like AV-TEST and AV-Comparatives. These organizations independently test antivirus apps and publicly post the results. (The free Avast Mobile Security for Android always earns high marks.)

avast-mobile-security-1
Avast Security Pro

Manually remove the virus from your phone

In cases where, for whatever reason, antivirus software may prove ineffective, you can try to uninstall the malware manually…

Step 1 — Put your phone into Safe Mode. Doing so deactivates any apps from running, including malware. Some Android phones will let you Reboot in Safe-Mode, some other phones need a few extra steps to do so.

Step 2 — Once Safe Mode is activated, go to Settings > Apps > Downloaded Apps. Look for the app or apps you don’t think belong there. The best place to start is with the apps you installed just before your phone started acting weird.

Step 3 — When you’ve found the apps, tap Uninstall to delete it for good. Oftentimes, virus-ridden apps will disable the uninstall button, in which case…

Step 4 — Go to Settings > Security > Device Administrators. See if the app is featured on the list there. If it is, simply click Deactivate to remove its access privileges. Now, go back to the app in Downloaded Apps. The Uninstall button should be tappable now.

If all else fails, a factory reset might be your final option. Just remember that doing so will delete all apps and app data from your phone, which is why it’s a good idea to set up periodic data backups.

To reset your android phone...

Step 1 — Go to Settings > Backup & Reset > Factory Data Reset. Now tap Reset Phone.

Step 2 — Enter your passcode as requested to continue.

Step 3 — Reboot your phone.

Step 4 — Restore any backup you made before installing the troubling app.

Focus on keeping your device protected

While due diligence is always advisable, you should consider adding as many layers of security as possible. An updated antivirus app such as Avast Mobile Security for Android can go a long way toward ensuring your device never gets infected. Not only does it scan files and apps in real time for malware, but it also boosts speed by disabling unnecessary tasks.

DOWNLOAD AVAST MOBILE SECURITY

Finally, ignore third-party app stores and manual installation of APK files from regular websites like the plague. As they are the preferred methods of hackers and cybercriminals alike, your chances of installing something harmful go up exponentially. 

Looking ahead to Part 3 of our Avast Guide to Android Apps … has your phone ever felt hotter than you thought it should? It could be the sign of a pressing issue lurking beneath the surface — battery issues, malware infection, or possibly hardware malfunction. In Part 3 of our guide, we discuss all the reasons why your phone might feel like its melting, and how you can cool it off.